edx-platform

Andal.LND/edx-platform

Fork 0

Commit Graph

Author	SHA1	Message	Date
Usman Khalid	131c8cbf10	Catch InvalidKeyError in course_id_from_url(). LMS-9663	2014-08-08 18:21:48 +05:00
Julia Hansbrough	f351b05031	Fixing email link injection bug Several templates used a variable set by the user (the request host header). This led to a vulnerability where an attacker could inject their domain name into these templates (i.e., activation emails). This patch fixes this vulnerability. LMS-532	2013-12-18 13:38:36 -05:00

Author

SHA1

Message

Date

Usman Khalid

131c8cbf10

Catch InvalidKeyError in course_id_from_url().

LMS-9663

2014-08-08 18:21:48 +05:00

Julia Hansbrough

f351b05031

Fixing email link injection bug

Several templates used a variable set by the user (the request host header).  This led to a vulnerability where an attacker could inject their domain name into these templates (i.e., activation emails).  This patch fixes this vulnerability.

LMS-532

2013-12-18 13:38:36 -05:00

2 Commits